A German security researcher, Thomas Skora, has exposed a vulnerability in Android that allows reading of contactless credit card data in NFC enabled smartphones. This exploit could allow criminals to steal credit card info via NFC chips.
Skora managed to create an app for testing purpose and uploaded it to the Google Play Store. The application was able to read credit card information like card number, issue and expiry date and bank code from German PayPass MasterCard and GledKarte. Google lived up to its reputation and removed the app from the Play Store as soon as they learned about it.
The application's source code has been released so that other developers can work publicly on it and get the vulnerability fixed as soon as possible. The SmartCard Alliance is also currently working on it, and though they confirmed that the app has the ability to initiate a fraudulent transaction, luckily no such cases have been reported yet.